Create an access token

Use the client_id and client_secret to generate an access token.
POST /oauth2/token

cURL, JSON body:
curl --request POST \
  --url https://api.moov.io/oauth2/token \
  --header 'Authorization: Basic REPLACE_BASIC_AUTH' \
  --header 'content-type: application/json' \
  --data '{"grant_type":"client_credentials","client_id":"5clTR_MdVrrkgxw2","client_secret":"dNC-hg7sVm22jc3g_Eogtyu0_1Mqh_4-","scope":"/accounts.write","refresh_token":"i1qxz68gu50zp4i8ceyxqogmq7y0yienm52351c6..."}'

cURL, form-encoded body:
curl --request POST \
  --url https://api.moov.io/oauth2/token \
  --header 'Authorization: Basic REPLACE_BASIC_AUTH' \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data grant_type=client_credentials \
  --data client_id=5clTR_MdVrrkgxw2 \
  --data client_secret=dNC-hg7sVm22jc3g_Eogtyu0_1Mqh_4- \
  --data scope=%2Faccounts.write \
  --data refresh_token=i1qxz68gu50zp4i8ceyxqogmq7y0yienm52351c6...

Responses: 200, 400, 429

200: Successfully exchanged the code to create a token
Possible responses that can be made to the /token endpoints. The type of response returned here will mirror the type of the request.
{
  "access_token": "i1qxz68gu50zp4i8ceyxqogmq7y0yienm52351c6...",
  "expires_in": 900,
  "refresh_token": "i1qxz68gu50zp4i8ceyxqogmq7y0yienm52351c6...",
  "scope": "/accounts.write",
  "token_type": "opaque"
}
400: Failed to create the token
{
  "error": "invalid_request"
}
429: Request was refused due to rate limiting.

X-Retry-In

string <duration>
How long to wait (in milliseconds) before retrying the request.

Body

application/json
Allows the use of the Client Credentials Grant per [RFC 6749 (OAuth 2.0 Authorization Framework)](https://tools.ietf.org/html/rfc6749#section-4.4). Because the endpoint follows this specification, any standard OAuth 2.0 tooling can use this API to get an access_token.

grant_type

string<enum> required
Possible values: client_credentials, refresh_token

client_id

string<byte>
If not specified in Authorization: Basic it can be specified here.

client_secret

string<byte>
If not specified in Authorization: Basic it can be specified here.

refresh_token

string<byte> <=4096 characters
String passed to the authorization server to gain access to the system.

scope

string
A space-delimited list of scopes that are allowed.

Response

application/json
Possible responses that can be made to the /token endpoints. The type of response returned here will mirror the type of the request.
Option 1
Device model

access_token

string<byte> <=4096 characters
String passed to the authorization server to gain access to the system.

expires_in

integer<int32>
Number of seconds the token is valid for.

refresh_token

string<byte> <=4096 characters
String passed to the authorization server to gain access to the system.

scope

string
A space-delimited list of scopes that are allowed.

token_type

string<enum>
Type of token returned. An opaque token cannot be parsed by the client, while a jwt token follows the JWT specification.
Possible values: opaque, jwt
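
Added example, not taken from the Moov documentation or SDKs: a Python client that requests a client-credentials token with the secret sent only in the Authorization: Basic header, waits out a 429 using X-Retry-In, and reuses the token until shortly before expires_in elapses. TokenCache, the helper function names, the 30-second skew, and reading X-Retry-In as a plain integer number of milliseconds are assumptions.

```python
import base64, json, time, urllib.error, urllib.parse, urllib.request
TOKEN_URL = "https://api.moov.io/oauth2/token"  # endpoint shown on this page

def build_token_request(client_id, client_secret, scope):
    # Credentials travel in Authorization: Basic only, so the body carries no secret.
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    body = urllib.parse.urlencode({"grant_type": "client_credentials", "scope": scope})
    return urllib.request.Request(TOKEN_URL, data=body.encode(), method="POST", headers={
        "Authorization": f"Basic {basic}",
        "Content-Type": "application/x-www-form-urlencoded"})

def http_send(req):
    # Returns (status, headers, body); urllib raises on 4xx, so unwrap the error.
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.headers, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.headers, err.read()

def retry_delay_seconds(headers, default_ms=1000):
    # Assumption: X-Retry-In is a plain integer count of milliseconds.
    try:
        return max(0, int(headers.get("X-Retry-In", default_ms))) / 1000
    except (TypeError, ValueError):
        return default_ms / 1000

class TokenCache:  # hypothetical helper, not part of any Moov library
    def __init__(self, client_id, client_secret, scope, send=http_send,
                 clock=time.monotonic, sleep=time.sleep, skew=30):
        self._args = (client_id, client_secret, scope)
        self._send, self._clock, self._sleep = send, clock, sleep
        self._skew = skew  # refresh this many seconds before expiry
        self._token, self._expires_at = None, 0.0

    def get(self):
        if self._token and self._clock() < self._expires_at:
            return self._token  # still valid: no network call
        for _ in range(3):
            status, headers, body = self._send(build_token_request(*self._args))
            if status == 429:  # rate limited: wait as instructed, then retry
                self._sleep(retry_delay_seconds(headers))
                continue
            data = json.loads(body)
            if status != 200:  # e.g. 400 {"error": "invalid_request"}
                raise RuntimeError(f"token request failed: {data.get('error')}")
            self._token = data["access_token"]
            self._expires_at = self._clock() + data["expires_in"] - self._skew
            return self._token
        raise RuntimeError("token request still rate limited")
```

Passing `send`, `clock` and `sleep` as parameters lets the retry and expiry logic be exercised without network access.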